I can not make SSO with crowd working. I have set up SSO, as desribed in the articles for Jira and Confluence, but can not make it work.
If I log in to Jira with a Crowd User and then change to Confluence I have to log in again.
I have checked the cookies. The Crowd Cookie seems to be there, like you can see here:
This cookie somehow seems to be ignored on my Jira, Confluence and crowd.
So they all are sharing the braunstein-web.com domain.
The crowd directory for Jira and Confluence is set up correctly with the above url and is working. Just Single Sign On does not work.
The username I use is "armin". This user is inside the groups "jira-administrators", "jira-users", "confluence-administrators", "confluence-users", "crowd-administrators".
On Jira I am using the SSOSeraphAuthenticator, on Confluence the ConfluenceCrowdSSOAuthenticator.
I also tried to switch off the "Require consistent client IP address", but also did not help.
Please find the debugging log of crowd here:
If that is how Atlassian is caring about issues of customers, then I maybe better should not use Jira if my company grows bigger..
I bought crowd actually only for having SSO, and now I can not use it, even, at least it seems, the configuration is done correctly.
I know it's only the "community support", but in the community support description it's written, that, if no answer comes from the community, Atlassian members will care about. But so far no reaction from Atlassian. The bigger licenses would really cost not so less money, that makes a bit worry if it will be also like that, if I need a higher license..
Ok thanks @Armin Cheng for your quick answer. I wanted also to thank you for buying Crowd and let you know that we are working on improvements of SSO. The current functionality of course should work for you properly so we will look into that and let you know.
@Marcin Kempa can you please advice something here?
Please accept our apologies for not reacting earlier on your request.
As I understand you problem is that you have:
set in the same domain.
All of them have the same user directories configured in Crowd (so Jira and Confluence have same ldap or internal directories in the same order configured inside Crowd application).
You have configured seraph.xml files in both Jira and Confluence to use SSO authentication with Crowd (also the crowd.properties files in those applications properly points to Crowd).
When you log in to Jira and then navigate to Confluence you need to login again as the session is not automatically authenticated.
The crowd.token_key cookie is properly set on that domain.
Is that a fair summary of your issue?
I had a look at your log file, and it looks like there are errors indicating that password did not match. Would it be possible that the directories are not configured in different order for those applications?
In order to investigate this issue further please provide har file of you trying to login to those applications and support zips of all applications in your setup (those will include log files)
If possible I would suggest opening a support case, so that we could exchange files easily not exposing any sensitive data if that is not possible due to licensing restrictions please send us those files at email@example.com and we will try to help you with that.
Two vulnerabilities have been published for Confluence Server and Data Center recently: March 20, 2019 CVE-2019-3395 / CVE-2019-3396 April 17, 2019 CVE-2019-3398 The goal of this article is...
Connect with like-minded Atlassian users at free events near you!Find a group
Connect with like-minded Atlassian users at free events near you!
Unfortunately there are no AUG chapters near you at the moment.Start an AUG
You're one step closer to meeting fellow Atlassian users at your local meet up. Learn more about AUGs